Oplink PR Ping

Jonathan Marler via Digitalmars-d digitalmars-d at puremagic.com
Wed Jan 28 13:17:24 PST 2015


On Wednesday, 28 January 2015 at 21:12:58 UTC, Vladimir Panteleev 
wrote:
> On Wednesday, 28 January 2015 at 04:17:12 UTC, Jonathan Marler 
> wrote:
>> Just had a thought.  You could expose the email addresses only 
>> for users that are logged in.  That way the evil robots won't 
>> be able to steal the email addresses but real people can still 
>> access them easily.  However, maybe it is meant to be 
>> difficult by design? in which case nevermind :)
>
> Registration on the forum is currently very simple because it 
> grants no additional privileges. Half of the spam that we had 
> was coming from registered accounts, so it's not likely to be a 
> considerable deterrent.
>
> I have thought about (and even implemented, but never enabled) 
> adding a link which allows getting a user's email address after 
> solving a CAPTCHA challenge.
>
> I am hesitant to enable this, because:
>
> - The reCAPTCHA MailHide API documentation has been quietly 
> removed from Google's website.
> - The email hiding feature on Google Code now no longer allows 
> solving a CAPTCHA to get an email address.
>
> Something tells me that in spam economics, a working email 
> address is worth much more than the cost of solving a CAPTCHA.
>
> Of course, in our case, it would be easy to harvest everyone's 
> email from the NNTP server. But most spammers don't know that.

They may not have known before but now they do! lol :)  Robots 
are sniffing our sites with valid accounts! I was not expecting 
that...wow.  Writing a generic robot that can create accounts and 
login with them seems like a tough problem, I'm impressed.


More information about the Digitalmars-d mailing list